usr/src/lib/libbrand/dtd/brand.dtd.1

   1 <?xml version='1.0' encoding='UTF-8' ?>
   2
   3 <!--
   4  CDDL HEADER START
   5
   6  The contents of this file are subject to the terms of the
   7  Common Development and Distribution License (the "License").
   8  You may not use this file except in compliance with the License.
   9
  10  You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  11  or http://www.opensolaris.org/os/licensing.
  12  See the License for the specific language governing permissions
  13  and limitations under the License.
  14
  15  When distributing Covered Code, include this CDDL HEADER in each
  16  file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  17  If applicable, add the following below this CDDL HEADER, with the
  18  fields enclosed by brackets "[]" replaced with your own identifying
  19  information: Portions Copyright [yyyy] [name of copyright owner]
  20
  21  CDDL HEADER END
  22
  23  Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
  24  Copyright (c) 2011, Joyent, Inc. All rights reserved.
  25
  26  DO NOT EDIT THIS FILE.
  27
  28  Copyright 2014 Nexenta Systems, Inc. All rights reserved.
  29 -->
  30
  31 <!--
  32   verify_cfg
  33
  34     Identifies the program to be invoked by zonecfg to verify that the
  35     zone's configuration is legal, and that all the configured devices,
  36     attributes, etc. are legal for this brand.
  37
  38     The program is called with a single argument: the path to a file
  39     containing a temporary config.xml file the zone.  It should return 0
  40     on success and non-0 on failure.  Any detailed error messages should be
  41     displayed to stderr.
  42
  43     It has no attributes.
  44
  45 -->
  46 <!ELEMENT verify_cfg    (#PCDATA) >
  47 <!ATTLIST verify_cfg>
  48 <!--
  49   verify_adm
  50
  51     Identifies the program invoked by zoneadm to perform brand-specific
  52     checks as to the viability of a zone on this specific machine.
  53
  54     The following replacements are performed:
  55
  56       %z        Name of zone
  57       %R        Zonepath of zone
  58       Additional arguments, if any, are appended.
  59
  60     The program should return 0 on success and non-0 on failure.  Any
  61     detailed error messages should be displayed to stderr.
  62
  63     It has no attributes.
  64
  65 -->
  66 <!ELEMENT verify_adm    (#PCDATA) >
  67 <!ATTLIST verify_adm>
  68
  69 <!--
  70   install
  71
  72     Identifies the program to invoke when installing a zone.  The following
  73     replacements are performed:
  74
  75       %z        Name of zone
  76       %R        Zonepath of zone
  77       Additional arguments, if any, are appended.
  78
  79     It has no attributes.
  80 -->
  81 <!ELEMENT install       (#PCDATA) >
  82 <!ATTLIST install>
  83
  84 <!--
  85   installopts
  86
  87     Identifies the command-line options supported by the brand's
  88     installation program, allowing zoneadm to parse the install line
  89     properly.
  90
  91     It has no attributes.
  92 -->
  93 <!ELEMENT installopts   (#PCDATA) >
  94 <!ATTLIST installopts>
  95
  96 <!--
  97   boot
  98
  99     This is a program which gets run by zoneadmd when a zone is booted.
 100     The program will be invoked as the last step in the zone booting
 101     process before the the first process is spawned inside the zone.
 102
 103     If this programs succeeds it should not generate any output.
 104     If this program returns an error, any output generated by the
 105     program will be sent to the zoneadmd message log.
 106
 107     The following replacements are performed:
 108
 109       %z        Name of zone
 110       %R        Zonepath of zone
 111       Additional arguments, if any, are appended.
 112
 113     It has no attributes.
 114 -->
 115 <!ELEMENT boot  (#PCDATA) >
 116 <!ATTLIST boot>
 117
 118 <!--
 119   sysboot
 120
 121     This is a program that will be run by zoneadm during system boot for an
 122     installed zone that won't automatically boot.
 123
 124     If the program succeeds, then it should not generate output.
 125     If the program returns an error, then the output it generates will be
 126     sent to the zones SMF service's message log.
 127
 128     The following replacements are performed:
 129
 130       %z        Name of the target zone
 131       %R        Zonepath of the target zone
 132       Additional arguments, if any, are appended.
 133
 134     This element has no attributes.
 135 -->
 136 <!ELEMENT sysboot       (#PCDATA) >
 137 <!ATTLIST sysboot>
 138
 139 <!--
 140   halt
 141
 142     This is a program which gets run by zoneadmd when a zone is being
 143     halted.  This callback is provided to allow a brand to cleanup any
 144     special configuration that was setup during boot.
 145
 146     This program will also be invoked by zoneadmd if any part of the zone
 147     booting process fail, even if the booting process failed before the
 148     brand boot program was invoked.  It is also possible that if the zone
 149     fails to halt after invoking this program, future attempts to halt the
 150     zone will invoke this program again.  So this program should be
 151     designed to clean up any resources allocated to a zone but it should
 152     also be able to gracefully handle the case where resources that it
 153     expects to release are not actually allocated (or have been already
 154     released.)
 155
 156     If this programs succeeds it should not generate any output.  If this
 157     program returns an error, any output generated by the program will be
 158     sent to the zoneadmd message log.
 159
 160     The following replacements are performed:
 161
 162       %z        Name of zone
 163       %R        Zonepath of zone
 164       Additional arguments, if any, are appended.
 165
 166     It has no attributes.
 167 -->
 168 <!ELEMENT halt  (#PCDATA) >
 169 <!ATTLIST halt>
 170
 171 <!--
 172   shutdown
 173
 174     This is a program which gets run by zoneadmd when a zone is being
 175     shutdown gracefully. Currently only asynchronous mode is supported.
 176
 177     If this program succeeds it should not generate any output. If this
 178     program returns an error, any output generated by the program will be
 179     sent to the zoneadmd message log.
 180
 181     The following replacements are performed:
 182
 183       %z        Name of zone
 184       %R        Zonepath of zone
 185       Additional arguments, if any, are appended.
 186
 187     It has no attributes.
 188 -->
 189 <!ELEMENT shutdown      (#PCDATA) >
 190 <!ATTLIST shutdown>
 191
 192 <!--
 193   modname
 194
 195     Path to the kernel module that implements the kernel-level
 196     functionality of the brand.
 197
 198     It has no attributes.
 199 -->
 200 <!ELEMENT modname       (#PCDATA) >
 201 <!ATTLIST modname>
 202
 203 <!--
 204   initname
 205
 206     Path to the initial executable that should be launched when booting a
 207     branded zone.
 208
 209     It has no attributes.
 210 -->
 211 <!ELEMENT initname      (#PCDATA) >
 212 <!ATTLIST initname>
 213
 214 <!--
 215   restartinit
 216
 217     Boolean indicating that the program specified by the initname attr
 218     should be restarted, or not, if it exits.  By default, the init program
 219     will be restarted if this attribute is not provided.  Specifying false
 220     for this attr will prevent that.
 221
 222     It has no attributes.
 223 -->
 224 <!ELEMENT restartinit   (#PCDATA) >
 225 <!ATTLIST restartinit>
 226
 227 <!--
 228   login_cmd
 229
 230     Path to the initial login binary that should be executed when
 231     attempting to zlogin into a branded zone.
 232
 233     The following replacements are performed:
 234
 235       %Z        Name of the current zone
 236       %u        User login name
 237
 238     It has no attributes.
 239 -->
 240 <!ELEMENT login_cmd     (#PCDATA) >
 241 <!ATTLIST login_cmd>
 242
 243 <!--
 244   forcedlogin_cmd
 245
 246     Path to the initial login binary that should be executed when
 247     attempting to zlogin into a branded zone without authentication.
 248
 249     The following replacements are performed:
 250
 251       %Z        Name of the current zone
 252       %u        User login name
 253
 254     It has no attributes.
 255 -->
 256 <!ELEMENT forcedlogin_cmd       (#PCDATA) >
 257 <!ATTLIST forcedlogin_cmd>
 258
 259 <!--
 260   user_cmd
 261
 262     Path to the binary that will translate a user name to a passwd(4) entry.
 263
 264     The following replacements are performed:
 265
 266       %u        User login name
 267
 268     It has no attributes.  The passwd(4) entry is used to determine $LOGNAME,
 269     $HOME, and $SHELL for non-interactive "zlogin -l <user> <cmd>".
 270 -->
 271 <!ELEMENT user_cmd   (#PCDATA) >
 272 <!ATTLIST user_cmd>
 273
 274 <!--
 275   attach
 276
 277     Path to a hook that will perform any necessary processing on
 278     a zone to allow it to be attached.  The zone will be in the "configured"
 279     state when this hook is run.  This hook is never called when the zone
 280     is "force attached" (-F).
 281
 282     If this hook exits with a non-zero exit status, the attach operation
 283     will fail.
 284
 285     The following replacements are performed:
 286
 287       %z        Name of zone
 288       %R        Zonepath of zone
 289       Additional arguments, if any, are appended.
 290
 291     If no hook is provided, the internal zoneadm attach code will be used.
 292
 293     It has no attributes.
 294 -->
 295 <!ELEMENT attach        (#PCDATA) >
 296 <!ATTLIST attach>
 297
 298 <!--
 299   postattach
 300
 301     Path to a hook that will perform any necessary post-processing on
 302     a zone after it has been attached.  The zone will be in the "installed"
 303     state when this hook is run.  This hook is never called when the zone
 304     is "force attached" (-F).
 305
 306     If this hook exits with a non-zero exit status, the attach operation
 307     will fail and the zone state will be reset to "configured".
 308
 309     The following replacements are performed:
 310
 311       %z        Name of zone
 312       %R        Zonepath of zone
 313       Additional arguments, if any, are appended.
 314
 315     It has no attributes.
 316 -->
 317 <!ELEMENT postattach    (#PCDATA) >
 318 <!ATTLIST postattach>
 319
 320 <!--
 321   postclone
 322
 323     Path to a hook that will perform any necessary post-processing on
 324     a zone after it has been cloned.  The zone will be in the "incomplete"
 325     state when this hook is run.
 326
 327     If this hook exits with a non-zero exit status, the clone operation
 328     will fail and the zone will be left in the "incomplete" state,
 329     otherwise the state will be changed to the "installed" state.
 330
 331     The following replacements are performed:
 332
 333       %z        Name of zone
 334       %R        Zonepath of zone
 335       Additional arguments, if any, are appended.
 336
 337     It has no attributes.
 338 -->
 339 <!ELEMENT postclone     (#PCDATA) >
 340 <!ATTLIST postclone>
 341
 342 <!--
 343   postinstall
 344
 345     Path to a script that will perform any necessary post-processing on
 346     a zone after it has been freshly installed.  This hook will run after the
 347     install hook completes and the zone is in the installed state.  The
 348     additional arguments are the same as what is passed to the install hook.
 349
 350     The following replacements are performed:
 351
 352       %z        Name of zone
 353       %R        Zonepath of zone
 354       Additional arguments, if any, are appended.
 355
 356     It has no attributes.
 357 -->
 358 <!ELEMENT postinstall   (#PCDATA) >
 359 <!ATTLIST postinstall>
 360
 361 <!--
 362   predetach
 363
 364     Path to a hook that will perform any necessary pre-processing on
 365     a zone before it is detached.  The zone will be in the "installed"
 366     state when this hook is run.
 367
 368     It is possible that if the zone fails to detach after invoking this
 369     hook, future attempts to detach the zone will invoke this hook again.
 370     So this hook should be designed to gracefully handle the case where
 371     it is run multiple times on the same zone.  If this hook exits with
 372     a non-zero exit status, the detach operation will fail.
 373
 374     This hook is most commonly used when there is pre-processing for detaching
 375     a zone but the built-in detach support will be used for the actual
 376     detach.  Otherwise, if a detach hook is provided, then it can be used
 377     to do both preprocessing as well as the actual detach.
 378
 379     The following replacements are performed:
 380
 381       %z        Name of zone
 382       %R        Zonepath of zone
 383       Additional arguments, if any, are appended.
 384
 385     It has no attributes.
 386 -->
 387 <!ELEMENT predetach     (#PCDATA) >
 388 <!ATTLIST predetach>
 389
 390 <!--
 391   detach
 392
 393     Path to a hook that will perform any necessary processing on
 394     a zone to allow it to be detached.  The zone will be in the "installed"
 395     state when this hook is run.
 396
 397     It is possible that if the zone fails to detach while running this
 398     hook, future attempts to detach the zone will invoke this hook again.
 399     So this hook should be designed to gracefully handle the case where
 400     it is run multiple times on the same zone.  If this hook exits with
 401     a non-zero exit status, the detach operation will fail and the zone will
 402     be left in the "installed" state, otherwise the state will be changed
 403     to "configured".
 404
 405     The following replacements are performed:
 406
 407       %z        Name of zone
 408       %R        Zonepath of zone
 409       Additional arguments, if any, are appended.
 410
 411     If no hook is provided, the internal zoneadm detach code will be used.
 412
 413     It has no attributes.
 414 -->
 415 <!ELEMENT detach        (#PCDATA) >
 416 <!ATTLIST detach>
 417
 418 <!--
 419   clone
 420     Path to a hook that will perform any necessary processing on a zone to
 421     allow it to be installed via cloning.  Cloning is an alternative to
 422     installing so this hook should result in the same effect for the zone.
 423     The zone will be in the "incomplete" state when this hook is run.
 424
 425     If this hook exits with a non-zero exit status, the clone operation
 426     will fail and the zone will be left in the "incomplete" state, otherwise
 427     the state will be changed to "installed".
 428
 429     The following replacements are performed:
 430
 431       %z        Name of zone
 432       %R        Zonepath of zone
 433       1st arg   name of source zone
 434       Additional arguments, if any, are appended.
 435
 436     If no hook is provided, the internal zoneadm cloning code will be used.
 437 -->
 438 <!ELEMENT clone (#PCDATA) >
 439 <!ATTLIST clone>
 440
 441 <!--
 442   preuninstall
 443
 444     Path to a script that will perform any necessary pre-processing on
 445     a zone before it is uninstalled.  The zone will be in the "installed"
 446     state when this hook is run.
 447
 448     It is possible that if the zone fails to uninstall after invoking this
 449     hook, future attempts to uninstall the zone will invoke this hook
 450     again.  So this hook should be designed to gracefully handle the case
 451     where it is run multiple times on the same zone.  If this hook exits
 452     with a non-zero exit status, the uninstall operation will fail.
 453
 454     The following replacements are performed:
 455
 456       %z        Name of zone
 457       %R        Zonepath of zone
 458       Additional arguments, if any, are appended.
 459
 460     It has no attributes.
 461 -->
 462 <!ELEMENT preuninstall  (#PCDATA) >
 463 <!ATTLIST preuninstall>
 464
 465 <!--
 466   uninstall
 467     Identifies the hook to invoke when uninstalling a zone.  The zone will
 468     be in the "incomplete" state when this hook is run.
 469
 470     If this hook exits with a non-zero exit status, the uninstall operation
 471     will fail and the zone will be left in the "incomplete" state, otherwise
 472     the state will be changed to "configured".
 473
 474     The following replacements are performed:
 475
 476       %z        Name of zone
 477       %R        Zonepath of zone
 478       Additional arguments, if any, are appended.
 479
 480     If no hook is provided, the internal zoneadm uninstall code will be used.
 481 -->
 482 <!ELEMENT uninstall     (#PCDATA) >
 483 <!ATTLIST uninstall>
 484
 485 <!--
 486   presnap
 487     Identifies the hook to invoke before snapshotting a zone using the
 488     built-in ZFS clone support.
 489
 490     If this hook exits with a non-zero exit status, the snapshot operation
 491     will fail and the zfs clone operation will fail.
 492
 493     The following replacements are performed:
 494
 495       %z        Name of zone
 496       %R        Zonepath of zone
 497 -->
 498 <!ELEMENT presnap       (#PCDATA) >
 499 <!ATTLIST presnap>
 500
 501 <!--
 502   postsnap
 503     Identifies the hook to invoke after snapshotting a zone using the
 504     built-in ZFS clone support.
 505
 506     If this hook exits with a non-zero exit status, the zfs clone operation
 507     will fail.
 508
 509     The following replacements are performed:
 510
 511       %z        Name of zone
 512       %R        Zonepath of zone
 513 -->
 514 <!ELEMENT postsnap      (#PCDATA) >
 515 <!ATTLIST postsnap>
 516
 517 <!--
 518   validatesnap
 519     Identifies the hook to invoke to validate a snapshot of a zone using the
 520     built-in ZFS clone support.  This will validate a snapshot that was
 521     explicitly specified to the clone command when the user wants to
 522     re-use a snapshot from an earlier clone operation.
 523
 524     If this hook exits with a non-zero exit status, the snapshot validation
 525     operation will fail, meaning the zfs snapshot cannot be used to install
 526     the zone.
 527
 528     The following replacements are performed:
 529
 530       %z        Name of zone
 531       %R        Zonepath of zone
 532       1st arg   snapshot name
 533       2nd arg   snapshot path
 534 -->
 535 <!ELEMENT validatesnap  (#PCDATA) >
 536 <!ATTLIST validatesnap>
 537
 538 <!--
 539   prestatechange
 540     Identifies the hook to invoke before zoneadmd makes a state change.
 541     If this hook exits with a non-zero exit status, the action failed
 542     and no further state change activity will take place.
 543
 544     The following replacements are performed:
 545
 546       %z        Name of zone
 547       %R        Zonepath of zone
 548       1st arg   integer representing current state of zone
 549                         2 - installed
 550                         3 - ready
 551                         4 - running
 552                         5 - shutting down
 553                         6 - down
 554                         7 - mounted
 555       2nd arg   integer representing transition command
 556                         0 - ready
 557                         1 - boot
 558                         4 - halt
 559       3rd arg   Alternate root (zonepath is mounted under this root)
 560                         empty string if zone not mounted under alternate root
 561 -->
 562 <!ELEMENT prestatechange        (#PCDATA) >
 563 <!ATTLIST prestatechange>
 564
 565 <!--
 566   poststatechange
 567     Identifies the hook to invoke after zoneadmd makes a successful state
 568     change.  If this hook exits with a non-zero exit status, the action failed
 569     and zoneadmd treats the overall state change as failed, although
 570     all of the actions up to running the hook will have taken place.
 571
 572     The following replacements are performed:
 573
 574       %z        Name of zone
 575       %R        Zonepath of zone
 576     See prestatechange comment for 1st, 2nd and 3rd argument values.
 577 -->
 578 <!ELEMENT poststatechange       (#PCDATA) >
 579 <!ATTLIST poststatechange>
 580
 581 <!--
 582   query
 583     Identifies a hook which can be called to get brand-specific information
 584     about the zone.  There is no specific place in zones where this is called,
 585     calls within the zone infrastructure can be added as needed.
 586
 587     One example of the use of this hook is to query the implicit ZFS datasets
 588     supported by the brand.
 589
 590     If this hook exits with a non-zero exit status, the query failed,
 591     although in general, this hook shouldn't return non-zero.
 592
 593     The following replacements are performed:
 594
 595       %z        Name of zone
 596       %R        Zonepath of zone
 597       1st arg   Arbitrary string which the hook can use to determine what
 598                 data to return.  Brands implementing this hook should be
 599                 tolerant of arguments they don't support and simply do
 600                 nothing.
 601 -->
 602 <!ELEMENT query (#PCDATA) >
 603 <!ATTLIST query>
 604
 605 <!--
 606   privilege
 607
 608     Add a privilege to the default, prohibited, or required set for all
 609     zones of this brand with ip-type matched.  If a privilege is added
 610     to the default set all zones of this brand with ip-type matched on
 611     the system will inherit this privilege unless the privilege is
 612     removed via limitpriv in zonecfg(1m).  If a privilege is added to
 613     the prohibited set it can not be added to any zones with ip-type
 614     matched via limitpriv in zonecfg(1m).  If a privilege is added to
 615     the required set then all zones of this brand with ip-type matched
 616     on the system will inherit this privilege and it can't be removed via
 617     limitpriv in zonecfg(1m).
 618
 619     Its attributes are
 620       set       The name of the set the privilege should go into.
 621       name      The name of the privilege.
 622       ip-type   Optional, indicates that adding of the privilege to the
 623                 set only applies to certain IP types. Can be "shared" or
 624                 "exclusive". If it is not specified, the default value
 625                 "all" will be used, which means it is applicable regardless
 626                 the IP type.
 627
 628 -->
 629 <!ELEMENT privilege     (#PCDATA) >
 630 <!ATTLIST privilege     set     ( default | prohibited | required ) #REQUIRED
 631                         name    CDATA #REQUIRED
 632                         ip-type ( shared | exclusive ) "all" >
 633
 634 <!--
 635   brand
 636
 637     The toplevel container for a brand configuration.
 638
 639     Its attributes are
 640
 641       name      The name of the brand.  This must match the name of the
 642                 directory in which the configuration file is stored.
 643 -->
 644
 645 <!ELEMENT brand         (modname?, initname, restartinit?, login_cmd,
 646                         forcedlogin_cmd, user_cmd, install,
 647                         installopts?, boot?, sysboot?, halt?, shutdown?,
 648                         verify_cfg?, verify_adm?, postattach?, postclone?,
 649                         postinstall?, predetach?, attach?, detach?, clone?,
 650                         presnap?, postsnap?, validatesnap?,
 651                         preuninstall?, uninstall?,
 652                         prestatechange?, poststatechange?, query?,
 653                         privilege+)>
 654
 655 <!ATTLIST brand         name            CDATA #REQUIRED>